Configure third-party application encryption

Steps

  1. Navigate to the page Settings > Inbound/Outbound > Encryption.
  2. From the pull-down menu Encryption method, select Third-party application. Applicable configuration options display.
  3. Add encryption servers (up to 32) to the Encryption Server List:
    1. Enter the IP address or hostname and port number of each server.
    2. Use the MX lookup feature; mark the check box Enable MX lookup.

      If you entered an IP address in the previous step, the MX lookup option is not available.

    3. Click the arrow to the right of the Add Encryption Server box to add the server to the Encryption Server List.

    Delete a server from the list; select it and click Remove.

  4. In the pull-down menu Encrypted IP address group, specify an IP address group if decryption is enabled or if encrypted email is configured to route back to the email software.
    The default is Encryption Gateway.
  5. Configure users to present credentials to view encrypted mail; mark the check box Require authentication and supply the desired user name and password in the appropriate fields.
    Authentication must be supported and configured on your encryption server to use this function.
  6. In the field Encryption X-Header, specify an x-header to be added to a message that should be encrypted.
    This x-header value must also be set and enabled on your encryption server.
  7. In the field Encryption Success X-Header, specify an x-header to be added to a message that has been successfully encrypted.
    This x-header value must also be set and enabled on your encryption server.
  8. In the field Encryption Failure X-Header, specify an x-header to be added to a message for which encryption has failed.
    This x-header value must also be set and enabled on your encryption server.
  9. Select any desired encryption failure options:
    • Mark the check box Send messages to queue.

      Select a queue for these messages from the pull-down menu. The default is the virus queue.

    • Mark the check box Send notification to original sender.
    • In the section Notification Details, enter the notification message subject and content in the appropriate fields.
    • Include the original message as an attachment to the notification message; mark the check box Attach original message.
    • Deliver the message that failed the encryption operation; select Deliver message.

      This is the default.

    • Do not deliver the message that failed the encryption operation; select Drop message.
  10. Decrypt encrypted messages; mark the check box Enable decryption
  11. Select any desired decryption options:
    • In the field Content type, enter the message content types to decrypt, separated by semicolons.

      Maximum length is 49 characters. Default entries include multipart/signed, multipart/encrypted, and application/pkcs7-mime.

    • In the field X-Header, specify a message x-header that identifies a message to decrypt.

      This x-header value must also be set and enabled on your encryption server.

    • In the field Decryption X-Header, specify an x-header to be added to a message that should be decrypted.

      This x-header value must also be set and enabled on your encryption server.

    • In the field Decryption Success X-Header, specify an x-header to be added to a message that has been successfully decrypted.

      This x-header value must also be set and enabled on your encryption server.

    • In the field Decryption Failure X-Header, specify an x-header to be added to a message for which decryption has failed.

      This x-header value must also be set and enabled on your encryption server.

    • Forward a message that has failed decryption to a specific queue; mark the check box On decryption failure and select a queue for these messages from the pull-down menu.

      The default is the virus queue.

  12. Click OK.
    The settings are saved.